I agree that people should be aware of it and that it is there.

However, this shouldn't be a surprise to anyone who bought the game, as it is primarily MP focused and seems to be trying to get an E-sports presence.

A lot of more advanced cheaters use kernel level hacks to get into games, so that level of access is required for it to do its job.

I looked into the kernel level access claim regarding malware access for another game several months ago and found it to be mostly unfounded.

Learning about how it works and what it does exactly alleviated my concerns quite a bit. Though, I couldn't remember enough about it now to explain it myself without doing another several hours of research I've no interest in doing. So take it with a grain of salt and look it up for yourself if it worries you.

When and how it is active is part of the reason it's not really much of a security concern as I recall.

Security concerns are not really founded as far as I gathered. There are lots of ways for hackers to get into your system that would be less effort than hacking in through anti-cheat. It's not really a practical concern unless evidence of that sort of thing happening exists.

[If someone has it, feel free to post it. I'm not infallible and if there is an actual reason for concern beyond theoretical I'll happily amend my comment.]

"In theory" doesn't mean much, as "in theory" there are lots of programs you probably have installed that could get into your system that way, including Windows system files. Think like an engineer about this sort of thing and look at what is practical rather than "possible".

Pretty much any major MP game from a major publisher is going to have that kind of anti-cheat installed these days.

I find it to mostly be conspiracy theory and people not bothering to actually research the topic before parroting what they read in some thread somewhere.

As things on your computer you should worry about go, "anti-cheat could allow access to malware" is pretty close to a nil concern, at least at the moment.

If you're that worried about security, you probably shouldn't have Steam, Origins, Epic, or any other launcher installed in the first place. They are just as "dangerous" to your system.

This appears to be preventing me from being able to play as well.

Thanks for the info/post.

Originally posted by darthokkata:

I agree that people should be aware of it and that it is there.

However, this shouldn't be a surprise to anyone who bought the game, as it is primarily MP focused and seems to be trying to get an E-sports presence.

A lot of more advanced cheaters use kernel level hacks to get into games, so that level of access is required for it to do its job.

I looked into the kernel level access claim regarding malware access for another game several months ago and found it to be mostly unfounded.

Learning about how it works and what it does exactly alleviated my concerns quite a bit. Though, I couldn't remember enough about it now to explain it myself without doing another several hours of research I've no interest in doing. So take it with a grain of salt and look it up for yourself if it worries you.

When and how it is active is part of the reason it's not really much of a security concern as I recall.

Security concerns are not really founded as far as I gathered. There are lots of ways for hackers to get into your system that would be less effort than hacking in through anti-cheat. It's not really a practical concern unless evidence of that sort of thing happening exists.

[If someone has it, feel free to post it. I'm not infallible and if there is an actual reason for concern beyond theoretical I'll happily amend my comment.]

"In theory" doesn't mean much, as "in theory" there are lots of programs you probably have installed that could get into your system that way, including Windows system files. Think like an engineer about this sort of thing and look at what is practical rather than "possible".

Pretty much any major MP game from a major publisher is going to have that kind of anti-cheat installed these days.

I find it to mostly be conspiracy theory and people not bothering to actually research the topic before parroting what they read in some thread somewhere.

As things on your computer you should worry about go, "anti-cheat could allow access to malware" is pretty close to a nil concern, at least at the moment.

If you're that worried about security, you probably shouldn't have Steam, Origins, Epic, or any other launcher installed in the first place. They are just as "dangerous" to your system.

There are a few good points brought up here. I would say that most of the information downplaying the level of risk comes from the anti cheat makers and the publishers that use it. Origin and steam do not have ring 0 access, so its not a fair comparison. Security issues aside ring 0 software can interfere with other legit software running on a system , or just refuse to work with it. In rare cases it can stop the system working all together.

As I seid in my first post I seek to inform, No game is worth potentially compromising the level of control a user has over their system or the stability of a system. At the very least there should be informed consent before it's installed, so people can assess the risks and make a choise they are comfortable with

Originally posted by EH Horus Blackheart:

There are a few good points brought up here. I would say that most of the information downplaying the level of risk comes from the anti cheat makers and the publishers that use it. Origin and steam do not have ring 0 access, so its not a fair comparison. Security issues aside ring 0 software can interfere with other legit software running on a system , or just refuse to work with it. In rare cases it can stop the system working all together.

As I seid in my first post I seek to inform, No game is worth potentially compromising the level of control a user has over their system or the stability of a system. At the very least there should be informed consent before it's installed, so people can assess the risks and make a choise they are comfortable with

No, it doesn't. I know how to look for unbiased sources and people with actual technical knowledge rather than game blogs trying to sensationalize for clicks.

I can think of exactly one example of kernel access anti-cheat causing system problems. It was Valorant using Vanguard and was only a problem when it first launched that was quickly fixed. Not something like EAC which has been around and stable for a while.

It was mostly caused by them not knowing what they were doing yet and being overly aggressive. An issue a long standing anti-cheat like BattlEye and EAC likely wouldn't have.

As I said, a lot of MP games have anti cheat, and several use kernel access. Battle Eye, EAC, and Denuvo all have anti-cheat software that operate on a kernel level, and there are others as well.

You're throwing out overblown claims about system stability and security. Again, "possibility" is less important than evidence of actual problems that have occurred because of this software.

Some of your Windows system files are just as "dangerous" as anti-cheat software like EAC. This is exactly why Windows gets security updates all the time.

The risk is low enough it's not worth considering unless there's reason to suspect that such issues exist with the particular software you're talking about.

People know and do monitor these programs and we'd quickly find out if they were actually doing something suspicious. There are entire communities centered around digging through this sort of software to find out exactly what it is doing to people's systems.

Also, yes it is completely fair.

Every program you install has some potential attack vector. Even the Windows OS itself.

Steam has had 2 local privilege escalation exploits not that long ago. Which could be used to infect or compromise your OS and access and manipulate data.

Source Engine also had a couple of remote code execution exploits that could be used to access anyone on the same server and remote access someone's PC.

Those are things that actually existed, not some theoretical "maybe this could happen" scenario.

As far as I'm aware, there has never been such an exploit exposed in any anti-cheat software. Feel free to correct me if I'm wrong, especially regarding EAC in particular, and I'll revise.

Even then, I still think it's overblown due to how insecure just being on the internet on Windows is to begin with unless there is a consistent pattern of breeches or evidence that such exploits went ignored and weren't fixed.

If you're this worried about anti-cheat compromising your PC, just disconnect your PC from the internet entirely and disable any wifi. It's the only way you'll be safe from that sort of thing.

If you want something that is 100% safe and secure with internet access, you shouldn't even be using Windows.

Again, I agree that people should be aware that it is there and what it is doing, but honestly most of the panic and outrage over software like this is based on not understanding the software on their system or how it works.

I completely get what people don't like about DRM, especially when it's overdone and intrusive, but anti-cheat is not the same thing.

I'm not saying blindly trust, as I said there are people who look at what is being done to their computers, what information is being sent and received, and will make public shady practices and questionable data.

Trust, but verify. Words to live by regarding this sort of thing.

Originally posted by darthokkata:

Originally posted by EH Horus Blackheart:

There are a few good points brought up here. I would say that most of the information downplaying the level of risk comes from the anti cheat makers and the publishers that use it. Origin and steam do not have ring 0 access, so its not a fair comparison. Security issues aside ring 0 software can interfere with other legit software running on a system , or just refuse to work with it. In rare cases it can stop the system working all together.

As I seid in my first post I seek to inform, No game is worth potentially compromising the level of control a user has over their system or the stability of a system. At the very least there should be informed consent before it's installed, so people can assess the risks and make a choise they are comfortable with

No, it doesn't. I know how to look for unbiased sources and people with actual technical knowledge rather than game blogs trying to sensationalize for clicks.

I can think of exactly one example of kernel access anti-cheat causing system problems. It was Valorant and was only a problem when it first launched that was quickly fixed. Not something like EAC which has been around and stable for a while.

As I said, a lot of MP games have anti cheat, and several use kernel access. Battle Eye, EAC, and Denuvo all have anti-cheat software that operate on a kernel level, and there are others as well.

You're throwing out overblown claims about system stability and security. Again, "possibility" is less important than evidence of actual problems that have occurred because of this software.

Some of your Windows system files are just as "dangerous" as anti-cheat software like EAC.

The risk is low enough it's not worth considering unless there's reason to suspect that such issues exist with the particular software you're talking about.

People know and do monitor these programs and we'd quickly find out if they were actually doing something suspicious. There are entire communities centered around digging through this sort of software to find out exactly what it is doing to people's systems.

Also, yes it is completely fair.

Every program you install has some potential attack vector. Even the Windows OS itself.

Steam has had 2 local privilege escalation exploits not that long ago. Which could be used to infect or compromise your OS and access and manipulate data.

Source Engine also had a couple of remote code execution exploits that could be used to access anyone on the same server and remote access someone's PC.

Those are things that actually existed, not some theoretical "maybe this could happen" scenario.

As far as I'm aware, there has never been such an exploit exposed in any anti-cheat software.

If you're this worried about anti-cheat compromising your PC, just disconnect your PC from the internet entirely and disable any wifi. It's the only way you'll be safe from that sort of thing.

Again, I agree that people should be aware that it is there and what it is doing, but honestly most of the panic and outrage over software like this is based on not understanding the software or how their computer works regarding software.

I'm not saying blindly trust, as I said there are people who look at what is being done to their computers, what information is being sent and received, and will make public shady practices and questionable data.

Trust, but verify. Words to live by regarding this sort of thing.

You make it sound like i'm a tinfoil hat nut :P i'm not panicing nor am i ignorant about how software and windows works. Most of the issues arise from how other software (older drivers and firmware in most cases) interact with the anti cheat or drm in question. neither scenario needs ring 0 access to function its over kill. Is ragnarok level doom, probably not but this type of software is inherently prone to being buggy. (more than usal that is) For some, Including me that level of uncertainty is not worth it over something we buy for entertainment.
To use a non gaming example just look at the intel management engine and how much of a clown show that is for system security. keep inm mind that most users dont care about any of the risks and just want to play there game.

I'm mostly calling out EA for pulling this crap and not informing people.

Originally posted by EH Horus Blackheart:

You make it sound like i'm a tinfoil hat nut :P i'm not panicing nor am i ignorant about how software and windows works. Most of the issues arise from how other software (older drivers and firmware in most cases) interact with the anti cheat or drm in question. neither scenario needs ring 0 access to function its over kill. Is ragnarok level doom, probably not but this type of software is inherently prone to being buggy. (more than usal that is) For some, Including me that level of uncertainty is not worth it over something we buy for entertainment.
To use a non gaming example just look at the intel management engine and how much of a clown show that is for system security. keep inm mind that most users dont care about any of the risks and just want to play there game.

I'm mostly calling out EA for pulling this crap and not informing people.

That last one is kind of a valid point, but honestly, why would you buy a new MP focused EA game and not expect it to have anti-cheat?

Most people who are aware enough to care about a program like Easy Anti-cheat would just assume Squadrons would use some form of kernel level anti-cheat because they've been putting it into every MP thing they release for a while now.

It's not some new thing they just started doing with Squadrons.

As for your post...

Based on what exactly?

Where is the evidence it is particularly buggy? Don't just say it, provide recent examples that can be verified. Otherwise it is just a bald claim.

What is the exact security risk? What are the exploits exactly? How are they worse than other vulnerabilities exactly, and why is the risk of them being exploited more likely than other software?

Those Valve vulnerabilities could be used to access all of your data and destroy your OS, why is anti-cheat's potential attack vector somehow worse?

What specific examples can you provide of this that I can verify?

It is also relevant whether any issues are related to EAC specifically, or if it is another brand of anti-cheat. A different company screwing something up doesn't mean everyone else does the same thing.

With specific examples I can look it up for myself, determine a pattern if there is one, and don't have to rely on your word alone or random forum posts from anons.

No one is defending DRM. It's a completely different topic so that's not relevant.

Yes, anti-cheat does need kernel level access to combat cheats at that level, which are common. Not having that level of access puts the software at a disadvantage and into a position where it can't do anything about those sorts of cheats.

A simple search will show you that these cheats exist, and that hackers are completely aware that this kind of anti-cheat software can detect them.

I'm pretty sure you don't know what you're talking about and are just repeating things you've seen on forums like this before without bothering to verify or understand it.

Originally posted by darthokkata:

Originally posted by EH Horus Blackheart:

You make it sound like i'm a tinfoil hat nut :P i'm not panicing nor am i ignorant about how software and windows works. Most of the issues arise from how other software (older drivers and firmware in most cases) interact with the anti cheat or drm in question. neither scenario needs ring 0 access to function its over kill. Is ragnarok level doom, probably not but this type of software is inherently prone to being buggy. (more than usal that is) For some, Including me that level of uncertainty is not worth it over something we buy for entertainment.
To use a non gaming example just look at the intel management engine and how much of a clown show that is for system security. keep inm mind that most users dont care about any of the risks and just want to play there game.

I'm mostly calling out EA for pulling this crap and not informing people.

That last one is kind of a valid point, but honestly, why would you buy a new MP focused EA game and not expect it to have anti-cheat?

Most people who are aware enough to care about a program like Easy Anti-cheat would just assume Squadrons would use some form of kernel level anti-cheat because they've been putting it into every MP thing they release for a while now.

As for your post...

Based on what exactly?

Where is the evidence it is particularly buggy? Don't just say it, provide recent examples that can be verified. Otherwise it is just a bald claim.

What is the exact security risk, what are the exploits exactly? How are they worse than other vulnerabilities exactly and why is the risk of them being exploited greater than other exploits?

What specific examples can you provide of this that I can verify?

It is also relevant whether any issues are related to EAC specifically, or if it is another brand of anti-cheat. A different company screwing something up doesn't mean everyone else does the same thing.

With specific examples I can look it up for myself, determine a pattern if there is one, and don't have to rely on your word alone or random forum posts from anons.

No one is defending DRM. It's a completely different topic so that's not relevant.

Yes, anti-cheat does need kernel level access to combat cheats at that level, which are common. Not having that level of access puts the software at a disadvantage and into a position where it can't do anything about those sorts of cheats.

A simple search will show you that these cheats exist, and that hackers are completely aware that this kind of anti-cheat software can detect them.

I'm pretty sure you don't know what you're talking about and are just repeating things you've seen on forums like this before without bothering to verify or understand it.

i'm not agenst anti cheat i'm agenst this implementation of it. As for examples of buggy behaviour, msi afterbuner and some rgb control software has incompatblitys with some anti cheat software. Punkbuster was and still is notorious for being unstable. I'm not saying systems like vac are any better Problems happen in ether case. Frankly this was only done to chase the esports crowd.

your line of argument is simlar to one rolled out to defend invasive (and ineffective drm) solutions as well. I don't sail the seas myself nor do i want this to devolve in to hyperbole and half baked assumptions about each others iq , simply because one or other of us can't see the concern.

At a basic level I have issues with being treated as a potental problem and having my system subject to software I don't want or need to stop a few morons using cheats. The trade off is not worth it to me.
I remember when sony bundled root kits on music cd's that stopped people using cd's they bought from playing on there computers out of paranoia that some would rip them and put them on the internet. Those same rootkits left a security hole at the same time and could not be removed by the user with out a tool. It got so bad that microsoft black listed a lot of this stuff as a security risk.

To sum up: You personaly want to enjoy the game and don't see any issues with how this is implamented. That's totaly fine. I happen to think its shady as hell and causes more issues than it solves.

Originally posted by EH Horus Blackheart:

i'm not agenst anti cheat i'm agenst this implementation of it. As for examples of buggy behaviour, msi afterbuner and some rgb control software has incompatblitys with some anti cheat software. Punkbuster was and still is notorious for being unstable. I'm not saying systems like vac are any better Problems happen in ether case. Frankly this was only done to chase the esports crowd.

your line of argument is simlar to one rolled out to defend invasive (and ineffective drm) solutions as well. I don't sail the seas myself nor do i want this to devolve in to hyperbole and half baked assumptions about each others iq , simply because one or other of us can't see the concern.

At a basic level I have issues with being treated as a potental problem and having my system subject to software I don't want or need to stop a few morons using cheats. The trade off is not worth it to me.
I remember when sony bundled root kits on music cd's that stopped people using cd's they bought from playing on there computers out of paranoia that some would rip them and put them on the internet. Those same rootkits left a security hole at the same time and could not be removed by the user with out a tool. It got so bad that microsoft black listed a lot of this stuff as a security risk.

To sum up: You personaly want to enjoy the game and don't see any issues with how this is implamented. That's totaly fine. I happen to think its shady as hell and causes more issues than it solves.

Except it doesn't cause more issues than it solves. EAC is pretty much one of the most stable anti-cheat systems out there.

It's also weird that you didn't expect it given the nature of the game and the publisher. At this point EA should expect you to expect it to be there without having to announce it. It's not deceptively hidden, but is part for the course and to be expected given the nature of the game.

This is not the same thing as when Bethesda added anti-cheat after the fact to Doom Eternal, which I kind of get being upset about.

My point is that you are vastly overblowing the impact this sort of software actually has over unfounded concerns.

It's less that you personally are choosing not to, but that you're spreading overblown rumors that could scare other people away from things they might otherwise enjoy over what is essentially low to no greater risk than anything else they install.

Just because a small handful of extremely minor problems occasionally show up. Which could be said of basically any software ever put onto a Windows system.

I can see not liking Punkbuster and not installing games that use it when there is a history of instability that can be verified regarding that particular system, but they have nothing to do with any other anti-cheat software.

That's like not ever installing any video game because you heard a story online about how a bad Bethesda save corrupted someone's HDDs once and they were forced to reformat to fix it.

It's also worth pointing out that they can't take your word for not cheating any more than they can take anyone else's. It's not something they can really do on a case by case basis due to the nature of cheating.

It's the price to pay for modern MP gaming, because it's a lesser evil than having handfuls of buttholes ruining games for thousands of players. That's not an exaggeration as they can destroy entire game economies in some cases and can infest PvP games making actual gameplay frustrating and at times literally impossible for honest players to enjoy.

You personally not valuing it more than having a background software that most likely has no performance impact and doesn't interfere with the operation of your system doesn't mean that the rest of the player base would feel the same way if they actually understood what it does and how it will actually impact their systems.

Nor should it be something you should be able to opt out of, because anti-cheat only works on the client end. Even if someone is running anti-cheat, it doesn't prevent them from being negatively affected by someone running cheats on their end.

This is a case of the needs of the many outweighing the needs of the few, especially considering the actual real world negative impact that anti-cheat software actually has 99.9% of the time on the vast majority of hardware, which is none at all.

Opening a link contained in an E-mail is actually a bigger risk than running anti-cheat security wise.

Your first assumption that people "should have expected" this implamentation of anti cheat is a bit of a straw man argument. similar to conflating the risk of clicking on a link in an email to that of kernal level software.that is instaled with out prior notice. In the first case we have best practice and security software to mitgate the risk of malicious or unsafe software getting on to the system.

EA did not provide that information on the page prior to purchase, Are we all expected to research all the 3rd party bloatware a publisher might use before deciding to buy something?

further more Just because software is signed does not mean its problem free or considered safe..

I'm not spreading any miss information. This was never about any one anti cheat implamentation. You decided to cherry pick to suit your case.

To your point about not buying a game because it might corrupt a save is a bit of a reach. the two concepts are not at the same level of risk. If you had mentioned anthem bricking some ps4s then that would be a like comparison.

You also seem to think that i';m more coserned with the fact the anticheat is used rather than how it functions. Again I don't care that they want to use anti cheat. I care about how its implamented and the fact it was not disclosed prior or during instalation.

As to background software I run a minimal set of programs at startup as a rule, only what is required. I had issues with how microsoft implamented cordana to stay memory resadent even when explicitly turned off in settings. And lets not forget the data collection.

The things you consider not to be issues are down to your perspective. In squadrons case it's using a hammer to crack a nut.

My opting out of anti cheat was never in question. However had I known before hand I would not have bought the game in the first place.

Just because VAC works 99.99% of the time does not mean its good or even handed any automated solution has flaws that can be exploited. vac is server side so it never affects a users system an anyway.

Originally posted by darthokkata:

No, it doesn't. I know how to look for unbiased sources and people with actual technical knowledge rather than game blogs trying to sensationalize for clicks.

You clearly don't know how to be unbiased yourself when doing that kind of research, though.
And you don't appear to have the faintest idea what you're talking about, either.

You basically sound like them console owners when they talk about and compare their machine's "teraflops" to the competition.

Originally posted by EH Horus Blackheart:

As I seid in my first post I seek to inform, No game is worth potentially compromising the level of control a user has over their system or the stability of a system. At the very least there should be informed consent before it's installed, so people can assess the risks and make a choise they are comfortable with

If you want to play MP with some sort of effective anti cheat there really is no other way. Millions of people play games that use this type of anti cheat. Its really not as much of a deal as people made it out to be.

If you use your computer for sensitive work I recommend making a second OS install instead.

Reading through this I think one major thing is being overlooked. Just becaseu something can be exploited doesn't mean it will. The thing that will be exloited will be the thing that is easiest for a hacker to exploit. There are many ways to get into your system and many ways to have system privilages that are far easier than exploitinbg a software that literally is designed to stop hacking in games.

Here is the thing. The vast majority of people who will be hacking your computer are script kitties who don't know what they are doing. When you get someone who knows what they are doing there is no real way to stop them. I mean when's the last time you updated your router's firmware? When is the last time you did a penetration test on your own network? What holes did you find? Which holes were unable to be closed? How are you going to deal with those vulnerable areas?

I mean in reality if you are running windows 10, or a mackbook you are already open to many current vulnerabilities just running those operating systems and those security flaws are far easier to exploit and far more universal for a hacker to exploit. Gaming security flaws are not high tier vulnerabilities due to the generally low population of computer gamers. hackers want you bank information or they want your CAD files on your work computer and most exploits will be focused on those areas.

If someone specifically targeted you which is incredibly unlikely they could use it, but they more likely will use an exploit that already exists and was developed to work on the majority of PCs not eac. And if they were skilled enough to write an exploit to take advantage of that vulnerability they are talented enough to get into your system in 100 different other ways aswell.

This is really a non-issue.

And if you are really that concerned with security just don't use your gaming PC for anything sensitive. get yourself a secure linux box. You can get a raspberri Pi for 30 bucks and do secure stuff there running a security concious linux distro keeping it offline 90% of the time. Because thats about as safe as you can be and it is still not 100% and someone who is specifically targeting you can still find away. Which is why its good that people generally aren't targeted by hackers individually.